pacote - npm Package Compare versions

pacote

Advanced tools

Install Socket

Detect and block malicious and high-risk dependencies

lib/dir.js

		@@ -6,2 +6,3 @@ const Fetcher = require('./fetcher.js')
		const packlist = require('npm-packlist')
		const Arborist = require('@npmcli/arborist')
		const tar = require('tar')
		@@ -72,3 +73,9 @@ const _prepareDir = Symbol('_prepareDir')
		this[_prepareDir]()
		.then(() => packlist({ path: this.resolved, prefix, workspaces }))
		.then(async () => {
		if (!this.tree) {
		const arb = new Arborist({ path: this.resolved })
		this.tree = await arb.loadActual()
		}
		return packlist(this.tree, { path: this.resolved, prefix, workspaces })
		})
		.then(files => tar.c(tarCreateOptions(this.package), files)
		@@ -75,0 +82,0 @@ .on('error', er => stream.emit('error', er)).pipe(stream))

lib/fetcher.js

		@@ -75,2 +75,3 @@ // This is the base class that the other fetcher types in lib
		this.resolved = opts.resolved \|\| null
		this.tree = opts.tree \|\| null

		@@ -77,0 +78,0 @@ // default to caching/verifying with sha512, that's what we usually have

package.json

		{
		"name": "pacote",
		"version": "14.0.0-pre.1",
		"version": "14.0.0-pre.2",
		"description": "JavaScript package downloader",
		@@ -28,2 +28,3 @@ "author": "GitHub Inc.",
		"devDependencies": {
		"@npmcli/arborist": "^6.0.0 \|\| ^6.0.0-pre.0",
		"@npmcli/eslint-config": "^3.1.0",
		@@ -58,3 +59,3 @@ "@npmcli/template-oss": "4.4.2",
		"npm-package-arg": "^9.0.0",
		"npm-packlist": "^6.0.0",
		"npm-packlist": "^7.0.0 \|\| ^7.0.0-pre.0",
		"npm-pick-manifest": "^7.0.0",
		@@ -70,2 +71,5 @@ "npm-registry-fetch": "^13.0.1",
		},
		"peerDependencies": {
		"@npmcli/arborist": "^6.0.0 \|\| ^6.0.0-pre.0"
		},
		"engines": {
		@@ -72,0 +76,0 @@ "node": "^14.17.0 \|\| ^16.13.0 \|\| >=18.0.0"

Improved metrics